Indian cybersecurity culture is 60% strategic and 33% embedded: McAfee

About 60% of organisations in India describe their culture towards cybersecurity as strategic, while 33% say it is embedded, according to a study by cloud cybersecurity firm McAfee.

In contrast, only 27% of Australian and 40% of Singaporean C suite executives believed their cybersecurity culture was strategic.

In a strategic cybersecurity environment, the security decisions are taken by the top management. At a culturally security embedded enterprise, the decisions towards cybersecurity are taken with inputs from multiple levels of the organisation.

The Asia Pacific cybersecurity and risk report also revealed that 97% of Indian respondents are aware of the concept of cyber resilience, which is higher than that of Australia (73%) and New Zealand (75%), a statement from the company said.

Cyber resilience refers to a company’s ability to function and deliver intended outcomes despite cyber-attacks or adverse events.

The report surveyed 480 cybersecurity decision-makers across eight APAC countries, including Hong Kong, India, Indonesia, Malaysia, Singapore and Thailand.

“While organisations can put a cost on cybersecurity damages related to a data breach, reputational damage, impact on sales and other areas are difficult to measure, implying that the level of belief that a cost can be placed is higher than expected,” Sanjay Manohar, managing director, McAfee India said.

Manohar also added that Indian companies are most likely to have a high incidence of cyber-attacks, hence cybersecurity in digital transformation needs to be undertaken at the management level in order to cater to evolving regulation and compliance needs.

In terms of information technology security, respondents said that they would like to see data protection, recovery planning, response and recovery communications improve by 2021.

Meanwhile, increased budgets for data, cloud and network protection remain top priorities for enterprises who are looking towards more optimal and mature cybersecurity.

In terms of the top three risk predictions, data breach (62%), data tampering (49%) and fraud (43%) are challenges that enterprises will be facing in 2021.

The report said that an enterprise faced up to 120 data breaches on average last year, with APAC respondents estimating an average loss of $298,812. McAfee also said that large organisations were more prone to breaches and the average was as high as 209 incidents in 2019.